6867 matches found
Microsoft Word (CVE-2010-3220) Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Internet Explorer Uninitialized Memory CVE-2010-3331 Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...
Microsoft Windows OpenType Font (OTF) Format Driver CVE-2010-2740 Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Attackers may exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts...
Microsoft Word Record Value Parsing (CVE-2010-3221) Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Internet Explorer Auto-Complete Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Avaya Aura Conferencing 6.0 Standard Avaya Aura Conferencing Standard Avaya CallPilo...
Microsoft Excel Merge Cell Record Pointer (CVE-2010-3237) Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Internet Explorer Cross Domain CVE-2010-3330 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access content from a browser window in another domain or security zone. This may...
Microsoft Internet Explorer Uninitialized Memory CVE-2010-3328 Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...
Microsoft Internet Explorer Uninitialized Memory CVE-2010-3326 Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...
Microsoft Word Index Value Handling (CVE-2010-2750) Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Windows SChannel TLSv1 Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability that affects the Secure Channel SChannel security package. Successful exploits will allow an attacker to crash the affected system, resulting in a system restart. Repeated attacks will cause a permanent...
Microsoft Windows Remote Procedure Call Subsystem Local Privilege Escalation Vulnerability
...
Microsoft Word (CVE-2010-2748) Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Excel Record Parsing Sign Extension Integer Overflow Vulnerability
Description Microsoft Excel is prone to an integer-overflow vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Word Malformed Record Value (CVE-2010-3218) Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Excel Negative Future Function (CVE-2010-3238) Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability that affects the 'toStaticHTML' API. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Avaya Aura Conferencing 6.0 Standard Avaya Aura...
Microsoft Excel Out of Bounds Array (CVE-2010-3236) Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Excel Lotus 1-2-3 Workbook Parsing Remote Heap Buffer Overflow Vulnerability
Description Microsoft Excel is prone to a remote heap-buffer-overflow vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Lotus '1-2-3' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user...
Microsoft Excel Record Format Parsing (CVE-2010-3232) Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Word (CVE-2010-3217) Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Windows Kernel 'Win32k.sys' Keyboard Layout Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...
Microsoft Excel BIFF Record Parsing Dangling Pointer Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Windows Media Player CVE-2010-2745 Remote Code Execution Vulnerability
Description Microsoft Windows Media Player is prone to a remote code-execution vulnerability when handling specially crafted media content. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute...
Microsoft Excel Ghost Record Type Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability because the applications fails sufficiently validate user-supplied input. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers...
Microsoft Windows Kernel 'Win32k.sys' Window Class Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...
Microsoft Internet Explorer Anchor Element Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Avaya Aura Conferencing 6.0 Standard Avaya Aura Conferencing Standard Avaya CallPilo...
Microsoft Word Index Value Parsing (CVE-2010-3219) Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Windows OpenType Font (OTF) Format Driver CVE-2010-2741 Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Attackers may exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts...
Microsoft .NET Framework JIT Compiler Optimization Remote Code Execution Vulnerability
Description The Microsoft .NET Framework is prone to a remote code-execution vulnerability. Successful exploits will allow the attacker to execute arbitrary code within the context of the currently logged-in user or the service account associated with an application pool identity. Failed exploit...
Microsoft Word (CVE-2010-3214) Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Internet Explorer Uninitialized Memory Word Document Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. The following versions of the...
Microsoft Windows Embedded OpenType Font Engine Integer Overflow Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the Embedded OpenType EOT font engine. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attempts may trigger a denial-of-service conditio...
Microsoft Word Return Value Handling (CVE-2010-3215) Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Windows Common Control Library Remote Heap Buffer Overflow Vulnerability
Description Microsoft Windows Common Control Library is prone to a remote heap-based buffer-overflow vulnerability because the library fails to perform adequate boundary-checks on user-supplied data. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted web...
Microsoft Excel Out-of-Bounds Memory Write (CVE-2010-3241) Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Windows Failover Clustering File Permissions Security Bypass Vulnerability
Description Microsoft Windows Failover Clustering is prone to a security-bypass vulnerability. Local attackers can exploit this issue to perform unauthorized actions against the administrative shares on the failover cluster disk. Technologies Affected Microsoft Windows Server 2008 R2 Itanium...
Microsoft Excel Record Parsing Remote Buffer Overflow Vulnerability
Description Microsoft Excel is prone to a remote buffer-overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied data. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can...
Microsoft Excel Record Validation Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Windows CSRSS Memory Allocation Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. This issue affects...
Microsoft IIS Repeated Parameter Request Denial of Service Vulnerability
Description Microsoft IIS is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to force the affected application to become unresponsive, denying service to legitimate users. This issue affects IIS 5.1, 6.0, 7.0, and 7.5. Technologies Affected Avaya Aura...
Microsoft Windows RPC Memory Allocation Remote Code Execution Vulnerability
Description Microsoft Windows RPC is prone to a remote code-execution vulnerability. An attacker can exploit this issue by sending a specially crafted RPC request to an affected computer. Successfully exploiting this issue will allow the attacker to execute arbitrary code with full system rights,...
Microsoft IIS Request Header Buffer Overflow Vulnerability
Description Microsoft IIS is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. This issue affects IIS 7.5 on Windows 7...
Microsoft Outlook 'Online Mode' Remote Heap Buffer Overflow Vulnerability
Description Microsoft Outlook is prone to a remote heap-based buffer-overflow vulnerability because it fails to properly validate user-supplied data. Attackers can exploit this issue by enticing an unsuspecting user to preview or view a crafted email message. Successfully exploiting this issue wi...
Microsoft MPEG-4 Codec Media File Remote Code Execution Vulnerability
Description Microsoft MPEG-4 codec is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file or view a web page containing a malicious file. A successful exploit will result in the execution of arbitrary...
Microsoft LSASS ADAM/ADLDS Privilege Escalation Vulnerability
Description Microsoft Windows Local Security Authority Subsystem Service LSASS is prone to a privilege-escalation vulnerability. This issue occurs in Active Directory, Active Directory Application Mode ADAM, and Active Directory Lightweight Directory Service ADLDS. An attacker can exploit this...
Microsoft Windows and Office Uniscribe Font Parsing Engine Remote Code Execution Vulnerability
Description Microsoft Windows and Office are prone to a remote code-execution vulnerability when handling crafted font data. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file or webpage. A successful exploit may allow arbitrary code to run in the context...
Microsoft Windows Print Spooler Service Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the Print Spooler Service. A remote attacker can exploit this issue to execute code with SYSTEM-level privileges. Local attackers able to submit print jobs can exploit this issue to gain elevated...
Microsoft WordPad Text Converter Word 97 File Parsing Memory Corruption Vulnerability
Description Microsoft WordPad Text Converter is prone to a remote memory-corruption vulnerability. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts may result in denial-of-service conditions. Technologies...
Adobe Flash Player CVE-2010-2884 Unspecified Remote Code Execution Vulnerability
Description Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Adobe Flash Player 10.1.82.76...